Speed[.]exe | Triage

Resubmissions

23/02/2024, 18:00

240223-wll9wafd6v 6

Sharing

Copy URL Twitter E-mail

General

Target

Speed.exe
Size

3.0MB
MD5

22c731fe0c0c41fe14ce80b728b6cbe0
SHA1

0fe57c4f9ecf53fe60cad8a5ce21c6f218bd925d
SHA256

35654f401383be9af0dbff0d11a92220a17579a01030005de6943e63e03f460f
SHA512

23895d66ecec480095a7f1be53147ed3f5100e09b7fcb4135476d42c2db7313c1149f49a3b725a126895271e9d378fc16dac8d7ec4097516adc1ed593c7d0c0b
SSDEEP

49152:UL5aHsJ+Ad6UQYJ4AbWaSzyN2Cjmi4H7CoCbmK1ixBuKcTqiXaPCFCrgdi/U1ZLW:3Ngd5a/UHmmJ1CK35QjN3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Speed.exe

Files

Speed.exe
.exe windows:4 windows x86 arch:x86

9314f7f96e9f9d18172428cce284b5b0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\Speed\Pc\cd\SpeedR.pdb

Imports

d3d9

Direct3DCreate9

dinput8

DirectInput8Create

user32

SetWindowLongA
ShowCursor
PostThreadMessageA
wsprintfA
GetForegroundWindow
GetKeyState
keybd_event
RegisterClassA
IsIconic
GetWindowLongA
AdjustWindowRectEx
CreateWindowExA
GetDesktopWindow
ShowWindow
SetFocus
ClientToScreen
UnhookWindowsHookEx
wvsprintfA
SetCursorPos
EndPaint
DestroyWindow
GetMessageA
PostQuitMessage
SetCapture
BeginPaint
TranslateMessage
PeekMessageA
DefWindowProcA
PostMessageA
DispatchMessageA
ReleaseCapture
SetCursor
GetWindowRect
RegisterClassExA
SetForegroundWindow
GetClientRect
SetWindowsHookExA
LoadCursorA
AdjustWindowRect
SetRect
UnregisterClassA
SetActiveWindow
GetSystemMetrics
SetWindowPos
LoadIconA
CharUpperA
SystemParametersInfoA
SendNotifyMessageA
CallNextHookEx
GetAsyncKeyState
UpdateWindow

advapi32

RegCloseKey
RegOpenKeyA
RegQueryValueExA
RegOpenKeyExA

winmm

timeGetTime
timeBeginPeriod
timeKillEvent
timeSetEvent
timeEndPeriod
timeGetDevCaps

gdi32

GetStockObject
DeleteObject

shfolder

SHGetFolderPathA

shell32

ShellExecuteA

ws2_32

socket
shutdown
bind
connect
ioctlsocket
setsockopt
WSAStartup
WSAGetLastError
closesocket
listen
accept
sendto
send
recvfrom
recv
getsockopt
select
getpeername
getsockname
WSAIoctl
gethostbyname
WSACleanup
ntohl
ntohs
htons
htonl

kernel32

GetLocaleInfoW
IsBadCodePtr
SetUnhandledExceptionFilter
ReadConsoleInputA
CompareStringW
CompareStringA
SetStdHandle
VirtualQuery
VirtualProtect
GetCurrentProcessId
GetStringTypeW
GetStringTypeA
IsValidCodePage
IsValidLocale
EnumSystemLocalesA
SetConsoleMode
GetConsoleMode
PeekConsoleInputA
GetNumberOfConsoleInputEvents
GetLocaleInfoA
GetUserDefaultLCID
SetEnvironmentVariableA
RaiseException
GetCPInfo
GetOEMCP
GetACP
LCMapStringW
LCMapStringA
FlushFileBuffers
HeapSize
HeapReAlloc
HeapCreate
HeapDestroy
TlsAlloc
TlsFree
GetStartupInfoA
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetStdHandle
TlsGetValue
TlsSetValue
ExitThread
RtlUnwind
GetSystemTimeAsFileTime
GetTimeZoneInformation
TerminateProcess
SetErrorMode
Process32First
Sleep
GetLastError
GetLongPathNameA
Process32Next
CreateToolhelp32Snapshot
CloseHandle
WaitForSingleObject
CreateDirectoryA
SetCurrentDirectoryA
FindFirstFileA
FindClose
GetCurrentDirectoryA
GetVersionExA
DeleteFileA
GetModuleHandleA
GetLogicalDrives
GetDriveTypeA
SuspendThread
ResumeThread
MultiByteToWideChar
OutputDebugStringA
GetTimeFormatA
GetDateFormatA
SetProcessAffinityMask
SetPriorityClass
GetCurrentProcess
QueryPerformanceCounter
GetCurrentThread
GetPriorityClass
SetThreadPriority
GetThreadPriority
GetProcessAffinityMask
QueryPerformanceFrequency
IsBadReadPtr
IsBadWritePtr
GetSystemInfo
IsProcessorFeaturePresent
lstrcmpiA
GetFullPathNameA
WideCharToMultiByte
MapViewOfFile
GetFileSize
CreateFileMappingA
CreateFileA
CreateFileW
UnmapViewOfFile
GetProcAddress
LoadLibraryA
SetEvent
ResetEvent
SetLastError
CreateEventA
LocalFree
FormatMessageA
WriteFile
SetFilePointer
MoveFileA
ReadFile
GetVolumeInformationA
SetEndOfFile
GetLogicalDriveStringsA
GetDiskFreeSpaceA
TerminateThread
SleepEx
GetCurrentThreadId
GetExitCodeThread
DuplicateHandle
GetTickCount
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetModuleFileNameA
CreateMutexA
ReleaseMutex
VirtualFree
VirtualAlloc
CreateThread
InterlockedExchange
HeapFree
GetProcessHeap
HeapAlloc
WaitCommEvent
GetOverlappedResult
SetCommMask
WaitForMultipleObjects
PurgeComm
SetCommState
GetCommState
SetCommConfig
GetCommConfig
SetCommTimeouts
SetupComm
GetCommandLineA
ExitProcess

dsound

ord1

ddraw

DirectDrawCreate

tapi32

lineOpen
lineGetDevCaps
lineShutdown
lineInitialize
lineAnswer
lineMakeCall
lineGetID
lineClose
lineNegotiateAPIVersion

netapi32

Netbios

dinput

DirectInputCreateA

Sections

.text
Size: 2.6MB - Virtual size: 2.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 244KB - Virtual size: 241KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 208KB - Virtual size: 768KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Resubmissions

Sharing

General

Malware Config

Signatures

Files

9314f7f96e9f9d18172428cce284b5b0

Headers

File Characteristics

PDB Paths

Imports

d3d9

dinput8

user32

advapi32

winmm

gdi32

shfolder

shell32

ws2_32

kernel32

dsound

ddraw

tapi32

netapi32

dinput

Sections

.text Size: 2.6MB - Virtual size: 2.6MB

.rdata Size: 244KB - Virtual size: 241KB

.data Size: 208KB - Virtual size: 768KB

.text
Size: 2.6MB - Virtual size: 2.6MB

.rdata
Size: 244KB - Virtual size: 241KB

.data
Size: 208KB - Virtual size: 768KB